Fedora 16

CPE Details

Fedora 16
fedoraproject
fedora
16
2011-11-08
17h47 +00:00
2011-11-08
17h47 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:o:fedoraproject:fedora:16:*:*:*:*:*:*:*

Informations

Vendor

fedoraproject

Product

fedora

Version

16

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2020-14312 2021-02-05 22h16 +00:00 A flaw was found in the default configuration of dnsmasq, as shipped with Fedora versions prior to 31 and in all versions Red Hat Enterprise Linux, where it listens on any interface and accepts queries from addresses outside of its local subnet. In particular, the option `local-service` is not enabled. Running dnsmasq in this manner may inadvertently make it an open resolver accessible from any address on the internet. This flaw allows an attacker to conduct a Distributed Denial of Service (DDoS) against other systems.
5.9
Medium
CVE-2011-4088 2020-01-31 15h45 +00:00 ABRT might allow attackers to obtain sensitive information from crash reports.
7.5
High
CVE-2012-4451 2020-01-03 15h03 +00:00 Multiple cross-site scripting (XSS) vulnerabilities in Zend Framework 2.0.x before 2.0.1 allow remote attackers to inject arbitrary web script or HTML via unspecified input to (1) Debug, (2) Feed\PubSubHubbub, (3) Log\Formatter\Xml, (4) Tag\Cloud\Decorator, (5) Uri, (6) View\Helper\HeadStyle, (7) View\Helper\Navigation\Sitemap, or (8) View\Helper\Placeholder\Container\AbstractStandalone, related to Escaper.
6.1
Medium
CVE-2012-5645 2019-12-30 18h57 +00:00 A denial of service flaw was found in the way the server component of Freeciv before 2.3.4 processed certain packets. A remote attacker could send a specially-crafted packet that, when processed would lead to memory exhaustion or excessive CPU consumption.
7.5
High
CVE-2012-1615 2019-12-06 14h46 +00:00 A Privilege Escalation vulnerability exits in Fedoraproject Sectool due to an incorrect DBus file.
7.8
High
CVE-2012-1115 2019-12-05 19h20 +00:00 A Cross-Site Scripting (XSS) vulnerability exists in LDAP Account Manager (LAM) Pro 3.6 in the export, add_value_form, and dn parameters to cmd.php.
6.1
Medium
CVE-2012-1114 2019-12-05 19h03 +00:00 A Cross-Site Scripting (XSS) vulnerability exists in LDAP Account Manager (LAM) Pro 3.6 in the filter parameter to cmd.php in an export and exporter_id action. and the filteruid parameter to list.php.
6.1
Medium
CVE-2012-1105 2019-12-05 17h26 +00:00 An Information Disclosure vulnerability exists in the Jasig Project php-pear-CAS 1.2.2 package in the /tmp directory. The Central Authentication Service client library archives the debug logging file in an insecure manner.
5.5
Medium
CVE-2013-4235 2019-12-02 23h00 +00:00 shadow: TOCTOU (time-of-check time-of-use) race condition when copying and removing directory trees
4.7
Medium
CVE-2012-4524 2019-11-21 13h11 +00:00 xlockmore before 5.43 'dclock' security bypass vulnerability
7.5
High
CVE-2011-2726 2019-11-15 15h21 +00:00 An access bypass issue was found in Drupal 7.x before version 7.5. If a Drupal site has the ability to attach File upload fields to any entity type in the system or has the ability to point individual File upload fields to the private file directory in comments, and the parent node is denied access, non-privileged users can still download the file attached to the comment if they know or guess its direct URL.
7.5
High
CVE-2012-1161 2019-11-14 15h34 +00:00 Moodle before 2.2.2: Course information leak via hidden courses being displayed in tag search results
4.3
Medium
CVE-2012-1170 2019-11-14 15h29 +00:00 Moodle before 2.2.2 has an external enrolment plugin context check issue where capability checks are not thorough
7.5
High
CVE-2012-1169 2019-11-14 15h26 +00:00 Moodle before 2.2.2 has Personal information disclosure, when administrative setting users name display is set to first name only full names are shown in page breadcrumbs.
5.3
Medium
CVE-2012-1160 2019-11-14 15h21 +00:00 Moodle before 2.2.2 has a permission issue in Forum Subscriptions where unenrolled users can subscribe/unsubscribe via mod/forum/index.php
2.7
Low
CVE-2012-1159 2019-11-14 15h16 +00:00 Moodle before 2.2.2: Overview report allows users to see hidden courses
4.3
Medium
CVE-2012-1158 2019-11-14 15h09 +00:00 Moodle before 2.2.2 has a course information leak in gradebook where users are able to see hidden grade items in export
4.3
Medium
CVE-2012-1157 2019-11-14 15h05 +00:00 Moodle before 2.2.2 has a default repository capabilities issue where all repositories are viewable by all users by default
4.3
Medium
CVE-2012-1156 2019-11-14 15h01 +00:00 Moodle before 2.2.2 has users' private files included in course backups
7.5
High
CVE-2012-1168 2019-11-14 14h56 +00:00 Moodle before 2.2.2 has a password and web services issue where when the user profile is updated the user password is reset if not specified.
8.2
High
CVE-2012-1155 2019-11-14 14h48 +00:00 Moodle has a database activity export permission issue where the export function of the database activity module exports all entries even those from groups the user does not belong to
7.5
High
CVE-2010-4661 2019-11-13 19h57 +00:00 udisks before 1.0.3 allows a local user to load arbitrary Linux kernel modules.
7.8
High
CVE-2012-0049 2019-11-07 16h13 +00:00 OpenTTD before 1.1.5 contains a Denial of Service (slow read attack) that prevents users from joining the server.
4.3
Medium
CVE-2019-3882 2019-04-24 13h23 +00:00 A flaw was found in the Linux kernel's vfio interface implementation that permits violation of the user's locked memory limit. If a device is bound to a vfio driver, such as vfio-pci, and the local attacker is administratively granted ownership of the device, it may cause a system memory exhaustion and thus a denial of service (DoS). Versions 3.10, 4.14 and 4.18 are vulnerable.
5.5
Medium
CVE-2019-11234 2019-04-21 14h36 +00:00 FreeRADIUS before 3.0.19 does not prevent use of reflection for authentication spoofing, aka a "Dragonblood" issue, a similar issue to CVE-2019-9497.
9.8
Critical
CVE-2015-8836 2016-03-30 08h00 +00:00 Integer overflow in the isofs_real_read_zf function in isofs.c in FuseISO 20070708 might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a large ZF block size in an ISO file, leading to a heap-based buffer overflow.
7.3
High
CVE-2015-8837 2016-03-30 08h00 +00:00 Stack-based buffer overflow in the isofs_real_readdir function in isofs.c in FuseISO 20070708 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long pathname in an ISO file.
7.3
High
CVE-2014-0477 2014-07-03 15h00 +00:00 The parse function in Email::Address module before 1.905 for Perl uses an inefficient regular expression, which allows remote attackers to cause a denial of service (CPU consumption) via an empty quoted string in an RFC 2822 address.
5
CVE-2014-0221 2014-06-05 19h00 +00:00 The dtls1_get_message_fragment function in d1_both.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h allows remote attackers to cause a denial of service (recursion and client crash) via a DTLS hello message in an invalid DTLS handshake.
4.3
CVE-2014-3470 2014-06-05 19h00 +00:00 The ssl3_send_client_key_exchange function in s3_clnt.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h, when an anonymous ECDH cipher suite is used, allows remote attackers to cause a denial of service (NULL pointer dereference and client crash) by triggering a NULL certificate value.
4.3
CVE-2010-5109 2014-05-05 15h00 +00:00 Off-by-one error in the DecompressRTF function in ytnef.c in Yerase's TNEF Stream Reader allows remote attackers to cause a denial of service (crash) via a crafted TNEF file, which triggers a buffer overflow.
4.3
CVE-2012-2095 2014-04-07 13h00 +00:00 The SetWiredProperty function in the D-Bus interface in WICD before 1.7.2 allows local users to write arbitrary configuration settings and gain privileges via a crafted property name in a dbus message.
6.9
CVE-2013-6474 2014-03-14 14h00 +00:00 Heap-based buffer overflow in the pdftoopvp filter in CUPS and cups-filters before 1.0.47 allows remote attackers to execute arbitrary code via a crafted PDF file.
6.8
CVE-2013-6475 2014-03-14 14h00 +00:00 Multiple integer overflows in (1) OPVPOutputDev.cxx and (2) oprs/OPVPSplash.cxx in the pdftoopvp filter in CUPS and cups-filters before 1.0.47 allow remote attackers to execute arbitrary code via a crafted PDF file, which triggers a heap-based buffer overflow.
6.8
CVE-2013-6476 2014-03-14 14h00 +00:00 The OPVPWrapper::loadDriver function in oprs/OPVPWrapper.cxx in the pdftoopvp filter in CUPS and cups-filters before 1.0.47 allows local users to gain privileges via a Trojan horse driver in the same directory as the PDF file.
4.4
CVE-2011-4930 2014-02-10 16h00 +00:00 Multiple format string vulnerabilities in Condor 7.2.0 through 7.6.4, and possibly certain 7.7.x versions, as used in Red Hat MRG Grid and possibly other products, allow local users to cause a denial of service (condor_schedd daemon and failure to launch jobs) and possibly execute arbitrary code via format string specifiers in (1) the reason for a hold for a job that uses an XML user log, (2) the filename of a file to be transferred, and possibly other unspecified vectors.
4.4
CVE-2013-6890 2013-12-23 21h00 +00:00 denyhosts 2.6 uses an incorrect regular expression when analyzing authentication logs, which allows remote attackers to cause a denial of service (incorrect block of IP addresses) via crafted login names.
5
CVE-2013-0237 2013-07-08 20h00 +00:00 Cross-site scripting (XSS) vulnerability in Plupload.as in Moxiecode plupload before 1.5.5, as used in WordPress before 3.5.1 and other products, allows remote attackers to inject arbitrary web script or HTML via the id parameter.
4.3
CVE-2012-6129 2013-04-03 00h00 +00:00 Stack-based buffer overflow in utp.cpp in libutp, as used in Transmission before 2.74 and possibly other products, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted "micro transport protocol packets."
7.5
CVE-2012-1568 2013-03-01 02h00 +00:00 The ExecShield feature in a certain Red Hat patch for the Linux kernel in Red Hat Enterprise Linux (RHEL) 5 and 6 and Fedora 15 and 16 does not properly handle use of many shared libraries by a 32-bit executable file, which makes it easier for context-dependent attackers to bypass the ASLR protection mechanism by leveraging a predictable base address for one of these libraries.
1.9
CVE-2012-6075 2013-02-13 00h00 +00:00 Buffer overflow in the e1000_receive function in the e1000 device driver (hw/e1000.c) in QEMU 1.3.0-rc2 and other versions, when the SBP and LPE flags are disabled, allows remote attackers to cause a denial of service (guest OS crash) and possibly execute arbitrary guest code via a large packet.
9.3
CVE-2013-0170 2013-02-08 19h00 +00:00 Use-after-free vulnerability in the virNetMessageFree function in rpc/virnetserverclient.c in libvirt 1.0.x before 1.0.2, 0.10.2 before 0.10.2.3, 0.9.11 before 0.9.11.9, and 0.9.6 before 0.9.6.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by triggering certain errors during an RPC connection, which causes a message to be freed without being removed from the message queue.
6.8
CVE-2012-5656 2013-01-18 10h00 +00:00 The rasterization process in Inkscape before 0.48.4 allows local users to read arbitrary files via an external entity in a SVG file, aka an XML external entity (XXE) injection attack.
5.5
Medium
CVE-2012-2251 2013-01-11 00h00 +00:00 rssh 2.3.2, as used by Debian, Fedora, and others, when the rsync protocol is enabled, allows local users to bypass intended restricted shell access via a (1) "-e" or (2) "--" command line option.
4.4
CVE-2012-3354 2012-11-19 23h00 +00:00 doku.php in DokuWiki, as used in Fedora 16, 17, and 18, when certain PHP error levels are set, allows remote attackers to obtain sensitive information via the prefix parameter, which reveals the installation path in an error message.
4.3
CVE-2012-4406 2012-10-22 21h00 +00:00 OpenStack Object Storage (swift) before 1.7.0 uses the loads function in the pickle Python module unsafely when storing and loading metadata in memcached, which allows remote attackers to execute arbitrary code via a crafted pickle object.
9.8
Critical
CVE-2012-4453 2012-10-09 21h00 +00:00 dracut.sh in dracut, as used in Red Hat Enterprise Linux 6, Fedora 16 and 17, and possibly other products, creates initramfs images with world-readable permissions, which might allow local users to obtain sensitive information.
2.1
CVE-2012-4415 2012-10-01 01h00 +00:00 Stack-based buffer overflow in the guac_client_plugin_open function in libguac in Guacamole before 0.6.3 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a long protocol name.
7.5
CVE-2012-1149 2012-06-21 13h00 +00:00 Integer overflow in the vclmi.dll module in OpenOffice.org (OOo) 3.3, 3.4 Beta, and possibly earlier, and LibreOffice before 3.5.3, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted embedded image object, as demonstrated by a JPEG image in a .DOC file, which triggers a heap-based buffer overflow.
7.5
CVE-2012-0037 2012-06-16 23h00 +00:00 Redland Raptor (aka libraptor) before 2.0.7, as used by OpenOffice 3.3 and 3.4 Beta, LibreOffice before 3.4.6 and 3.5.x before 3.5.1, and other products, allows user-assisted remote attackers to read arbitrary files via a crafted XML external entity (XXE) declaration and reference in an RDF document.
6.5
Medium
CVE-2012-1988 2012-05-29 18h00 +00:00 Puppet 2.6.x before 2.6.15 and 2.7.x before 2.7.13, and Puppet Enterprise (PE) Users 1.0, 1.1, 1.2.x, 2.0.x, and 2.5.x before 2.5.1 allows remote authenticated users with agent SSL keys and file-creation permissions on the puppet master to execute arbitrary commands by creating a file whose full pathname contains shell metacharacters, then performing a filebucket request.
6
CVE-2012-1146 2012-05-17 08h00 +00:00 The mem_cgroup_usage_unregister_event function in mm/memcontrol.c in the Linux kernel before 3.2.10 does not properly handle multiple events that are attached to the same eventfd, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by registering memory threshold events.
5.5
Medium
CVE-2012-1180 2012-04-17 19h00 +00:00 Use-after-free vulnerability in nginx before 1.0.14 and 1.1.x before 1.1.17 allows remote HTTP servers to obtain sensitive information from process memory via a crafted backend response, in conjunction with a client request.
5
CVE-2012-2089 2012-04-17 19h00 +00:00 Buffer overflow in ngx_http_mp4_module.c in the ngx_http_mp4_module module in nginx 1.0.7 through 1.0.14 and 1.1.3 through 1.1.18, when the mp4 directive is used, allows remote attackers to cause a denial of service (memory overwrite) or possibly execute arbitrary code via a crafted MP4 file.
6.8
CVE-2011-3045 2012-03-22 15h00 +00:00 Integer signedness error in the png_inflate function in pngrutil.c in libpng before 1.4.10beta01, as used in Google Chrome before 17.0.963.83 and other products, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PNG file, a different vulnerability than CVE-2011-3026.
6.8
CVE-2011-4862 2011-12-25 00h00 +00:00 Buffer overflow in libtelnet/encrypt.c in telnetd in FreeBSD 7.3 through 9.0, MIT Kerberos Version 5 Applications (aka krb5-appl) 1.0.2 and earlier, Heimdal 1.5.1 and earlier, GNU inetutils, and possibly other products allows remote attackers to execute arbitrary code via a long encryption key, as exploited in the wild in December 2011.
10
CVE-2011-4516 2011-12-15 01h00 +00:00 Heap-based buffer overflow in the jpc_cox_getcompparms function in libjasper/jpc/jpc_cs.c in JasPer 1.900.1 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted numrlvls value in a coding style default (COD) marker segment in a JPEG2000 file.
6.8
CVE-2011-4517 2011-12-15 01h00 +00:00 The jpc_crg_getparms function in libjasper/jpc/jpc_cs.c in JasPer 1.900.1 uses an incorrect data type during a certain size calculation, which allows remote attackers to trigger a heap-based buffer overflow and execute arbitrary code, or cause a denial of service (heap memory corruption), via a crafted component registration (CRG) marker segment in a JPEG2000 file.
6.8
CVE-2011-4315 2011-12-08 19h00 +00:00 Heap-based buffer overflow in compression-pointer processing in core/ngx_resolver.c in nginx before 1.0.10 allows remote resolvers to cause a denial of service (daemon crash) or possibly have unspecified other impact via a long response.
6.8
CVE-2011-4107 2011-11-17 18h00 +00:00 The simplexml_load_string function in the XML import plug-in (libraries/import/xml.php) in phpMyAdmin 3.4.x before 3.4.7.1 and 3.3.x before 3.3.10.5 allows remote authenticated users to read arbitrary files via XML data containing external entity references, aka an XML external entity (XXE) injection attack.
6.5
Medium
CVE-2010-4001 2010-11-05 21h00 +00:00 GMXRC.bash in Gromacs 4.5.1 and earlier places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory. NOTE: CVE disputes this issue because the GMXLDLIB value is always added to the beginning of LD_LIBRARY_PATH at a later point in the script
4.6
CVE-2010-1439 2010-06-07 12h00 +00:00 yum-rhn-plugin in Red Hat Network Client Tools (aka rhn-client-tools) on Red Hat Enterprise Linux (RHEL) 5 and Fedora uses world-readable permissions for the /var/spool/up2date/loginAuth.pkl file, which allows local users to access the Red Hat Network profile, and possibly prevent future security updates, by leveraging authentication data from this file.
3.6
CVE-2009-3564 2009-10-06 15h22 +00:00 puppetmasterd in puppet 0.24.6 does not reset supplementary groups when it switches to a different user, which might allow local users to access restricted files.
4.7